-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi.

On 07.07.2014 14:11, Lukas Ocilka wrote:
On 7.7.2014 14:07, Josef Reidinger wrote:
On Mon, 07 Jul 2014 14:01:15 +0200 Lukas Ocilka wrote:
[...]
I have a general question, and I think the answer to it should be written down somewhere as a documented decision.
Why do we use the absolute path to a binary? I think a properly set PATH in the environment should be the goal, and we should use the common path. Also, from a security point of view it is quite useless, because if PATH is attacked, then any real root action is attacked as well.
For me it is more native to write "rm -rf /" and not "/usr/bin/rm -rf /".
Sure, I myself also prefer the shorter way, but I think it was because of security. Let's ask our security expert if this is really the case, or whether it has changed meanwhile.
I would suggest to set PATH to a safe value (/bin, /sbin, /usr/bin,
/usr/sbin, maybe more) in your code and use the short form of the
command for your convenience. This also increases the stability of your
code.
Attacking code via PATH is only interesting in scenarios where a
normal user can execute a privileged binary (setuid, for example) and
this privileged code relies on PATH or other environment variables.
If you use sudo/su the PATH should be ok. The same for calling it
directly as root.
HTH
Thomas
- --
Thomas Biege
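
The advice in the reply above (pin PATH to a fixed value, then use short command names), as an added shell example that is not part of the original thread. The helper names `resolve_in` and `run_pinned` and the temporary directory with its harmless `ls` file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not code from the thread.
# SAFE_PATH holds the directories named in the message above.
SAFE_PATH="/bin:/sbin:/usr/bin:/usr/sbin"

# Print the file that an unqualified command name resolves to under a
# given PATH value, without running it.
resolve_in() {   # usage: resolve_in PATH_VALUE COMMAND
    ( PATH="$1"; command -v "$2" )
}

# Run a command with PATH pinned to SAFE_PATH, whatever the caller inherited.
# The subshell keeps the change from leaking into the calling script.
run_pinned() {   # usage: run_pinned COMMAND [ARGS...]
    ( PATH="$SAFE_PATH"; export PATH; "$@" )
}

# Constructed demonstration: a directory placed in front of PATH contains a
# harmless file named "ls"; show which file each PATH value would pick.
demo() {
    dir=$(mktemp -d) || return 1
    printf '#!/bin/sh\necho shadowed\n' > "$dir/ls"
    chmod +x "$dir/ls"
    echo "inherited: $(resolve_in "$dir:$SAFE_PATH" ls)"
    echo "pinned:    $(resolve_in "$SAFE_PATH" ls)"
    rm -rf "$dir"
}

demo
```
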